About

ProntoForms provides Security Assertion Markup Language (SAML) based Single Sign-On (SSO). This allows users to use their corporate credentials to log in -- they do not need to maintain separate ProntoForms login information. ProntoForms SSO can be used with a number of identity providers, including LastPass, OneLogin, and Active Directory.

Beyond ease of login, enabling SAML on a team provides extra security features. Organizations can easily manage all user credentials through a single identity provider. It is also possible to set a maximum session length for ProntoForms, so users are required to re-authenticate after a set period.

What is SAML/Single Sign-On?

Security Assertion Markup Language (SAML) is an XML standard that enables single sign-on (SSO). SAML performs authorization (what parts of the service a user is allowed to access?) and authentication (is a user allowed access to a service?) between an identity provider (IdP) and a service provider (SP).

For example:

ProntoForms is a service provider.

Lastpass, OneLogin, and similar services are identity providers.

With single sign-on, users that are authenticated on a commonly used IdP can log into sites like ProntoForms using their corporate credentials. With centralized identity providers, SAML can be used to manage user IDs, passwords and associated authentications.

ProntoForms supports SAML 2.0.

How does enabling SSO affect how users log in?

When enabled on a ProntoForms team, single sign-on can be used to log into the ProntoForms web portal, the iOS mobile app, and the Android mobile app.

When users try to sign into ProntoForms...

They will be prompted to enter their ProntoForms username, email address, or team domain

They will be redirected to their IdP

Users log in to their IdP

Users will be automatically logged in to ProntoForms

Users already authenticated on the IdP side are logged into ProntoForms without entering any credentials.

Session Length

Portal Session Length

After authenticating to the ProntoForms web portal, users can stay logged in without activity for this amount of time before being forced to re-authenticate. Because web portal access entails access to more privileges and data, the maximum session length is 2 weeks.

Minimum Length: 15 minutes

Maximum Length: 2 weeks

Device Session Length

After authenticating to the iOS or Android app, users can stay logged in without activity for this amount of time before being forced to re-authenticate.